Overall System Status:
Kerberos authentication software enables Dartmouth service providers and system administrators to restrict access to those services where identification is required.
Kerberos authentication uses two software applications, SideCar and KClient. In order to use SideCar and KClient, you must have an entry in the Dartmouth Name Directory (DND), the Dartmouth Alumni Name Directory (dartmouth.org) or the Dartmouth-Hitchcock Name Directory. The databases control access to the network resources of each entity. If you have a BlitzMail account on one of these sites, your information is in one of these databases.
Note: This will not work on Macintosh computers with an Intel processor (most machines built after June 2006). You will need to use WebAuth link or PKI authentication, rather than Kerberos authentication, on those machines.
Once the Kerberos software has been installed on your Macintosh computer, you can customize the settings by clicking on Kerberos, then Preferences. Note that the Kerberos application is usually found in the Applications-Utilities folder. Settings you can customize include:
On a single user computer, we recommend you leave these options at their default settings.
On a shared computer (such as one in a lab or public cluster), we recommend you shorten the lifetime of the ticket. That way, if you forget to clear your ticket, it won't remain open for several hours.
To clear, or invalidate, a Kerberos ticket:
You can now walk away from the computer knowing that the next person to use it can't impersonate you by using your open Kerberos ticket.
Last Updated: 9/24/10